Connecting a computer station to a network generally exposes that station to threats. These threats may be accidental in nature, arising for example from negligence or from the propagation of a virus; they may also be intentional, for example targeted attacks aimed at obtaining information or destroying data. To counter these threats, two main categories of solution currently coexist: hardware firewalls and personal software firewalls.
A personal software firewall is a program installed on the station to be protected. It makes it possible to define detailed and customized security policies, that is, policies suited to each user of the station. However, this type of firewall remains vulnerable to its software environment and to the users who operate the computer station. A further drawback of the software firewall is that it depends on the operating system and on the type of platform on which it is installed. Moreover, circumventing the protection conferred by a software firewall through privilege-escalation techniques is well known, as shown for example by L. Duflot, O. Grumelard and D. Etiemble in their article “Utiliser les fonctionnalités des cartes mères ou des processeurs pour contourner les mécanismes de sécurité des systèmes d'exploitation” [Using motherboard or processor features to circumvent operating system security mechanisms], published at the Symposium sur la sécurité des technologies de l'information et des communications (SSTIC) in May 2006. Such techniques can be used to act on the hardware and software elements of the computer station, and even to take control of them.
Unlike the software firewall, a hardware firewall is conventionally placed in series on a network so as to protect a number of computer stations against threats originating from an external network. However, this type of firewall does not protect the computer stations that are connected to the same local area network, behind the firewall, against threats originating from within that network. Furthermore, a single overall security policy (one per local area network) is generally chosen so as to retain configuration flexibility and thereby ease the deployment of new stations; such an overall policy runs counter to the aim of adapting the control to each station by defining detailed and customized security policies. Finally, this type of firewall is incompatible with end-to-end encryption, because analysing encrypted datastreams is difficult or even impossible. The data must therefore be decrypted at the hardware firewall rather than at the final recipient, which introduces a security weakness along with additional installation, configuration and maintenance constraints.
An alternative is offered by the company 3COM, which sells a network card, product number 3CRFW200B, that provides firewall functionality. This card is inserted into a PCI (Peripheral Component Interconnect) slot of a computer and provides a network interface. Data from the network are received through that interface, processed by the card, and then passed to the computer over the PCI bus. However, this card raises several security problems. On the one hand, a person using the computer station can easily and intentionally circumvent the protection conferred by the card simply by unplugging the network cable from the card and plugging it into a standard network interface of the same station. On the other hand, the security policy of the card is configured through a graphical interface, which leaves the card exposed to operating errors on the part of the user, to interference or malicious action from the operating system or surrounding software, and even to hardware malfunctions.